def handle_client(settings, args):
from u2fval.client.controller import ClientController
session = create_session(settings, args.debug)
controller = ClientController(session)
cmd = args.action
if cmd == 'list':
for client in controller.list_clients():
print(client)
else:
try:
if cmd == 'create':
controller.create_client(args.name, args.appId, args.facets)
print('Created client: %s' % args.name)
elif cmd == 'show':
client = controller.get_client(args.name)
print('Client: %s' % client.name)
print('AppID: %s' % client.app_id)
print('FacetIDs:')
for facet in client.valid_facets:
print(' %s' % facet)
elif cmd == 'update':
controller.update_client(args.name, args.appId, args.facets)
print('Updated client: %s' % args.name)
elif cmd == 'delete':
controller.delete_client(args.name)
print('Deleted client: %s' % args.name)
session.commit()
except Exception as e:
print(e)
if args.debug:
raise e
sys.exit(1)
def handle_client(settings, args):
from u2fval.client.controller import ClientController
session = create_session(settings, args.debug)
controller = ClientController(session)
cmd = args.action
if cmd == 'list':
for client in controller.list_clients():
print(client)
else:
try:
if cmd == 'create':
controller.create_client(args.name, args.appId, args.facets)
print('Created client: %s' % args.name)
elif cmd == 'show':
client = controller.get_client(args.name)
print('Client: %s' % client.name)
print('AppID: %s' % client.app_id)
print('FacetIDs:')
for facet in client.valid_facets:
print(' %s' % facet)
elif cmd == 'update':
controller.update_client(args.name, args.appId, args.facets)
print('Updated client: %s' % args.name)
elif cmd == 'delete':
controller.delete_client(args.name)
print('Deleted client: %s' % args.name)
session.commit()
except Exception as e:
print(e)
if args.debug:
raise e
sys.exit(1)
def handle_client(settings, args):
from u2fval.client.controller import ClientController
session = create_session(settings, args.debug)
controller = ClientController(session)
cmd = args.action
if cmd == "list":
for client in controller.list_clients():
print client
else:
try:
if cmd == "create":
controller.create_client(args.name, args.appId, args.facets)
print "Created client: %s" % args.name
elif cmd == "show":
client = controller.get_client(args.name)
print "Client: %s" % client.name
print "AppID: %s" % client.app_id
print "FacetIDs:"
for facet in client.valid_facets:
print " %s" % facet
elif cmd == "update":
controller.update_client(args.name, args.appId, args.facets)
print "Updated client: %s" % args.name
elif cmd == "delete":
controller.delete_client(args.name)
print "Deleted client: %s" % args.name
session.commit()
except Exception as e:
print e
if args.debug:
raise e
sys.exit(1)
def setUp(self):
os.environ['U2FVAL_SETTINGS'] = '/dev/null'
from u2fval.config import settings
settings['allow_untrusted'] = True
engine = create_engine(settings['db'])
Base.metadata.create_all(engine)
Session = sessionmaker(bind=engine)
session = Session()
self.client_controller = ClientController(session)
self.client_controller.create_client('fooclient',
'https://example.com',
['https://example.com'])
self.app = TestApp(create_application(settings, session))
def handle_run(settings, args):
from u2fval.core.api import create_application
from u2fval.client.pathinfo_auth import client_from_pathinfo
from u2fval.client.controller import ClientController
from wsgiref.simple_server import make_server
extra_environ = {}
if args.client:
# Ensure the existance of the client.
session = create_session(settings, args.debug)
controller = ClientController(session)
controller.get_client(args.client)
session.close()
print("Running in single-client mode for client: '%s'" % args.client)
extra_environ['REMOTE_USER'] = args.client
application = create_application(settings)
else:
application = client_from_pathinfo(create_application(settings))
httpd = make_server(args.interface, args.port, application)
httpd.base_environ.update(extra_environ)
print("Starting server on http://%s:%d..." % (args.interface, args.port))
httpd.serve_forever()
def handle_run(settings, args):
from u2fval.core.api import create_application
from u2fval.client.pathinfo_auth import client_from_pathinfo
from u2fval.client.controller import ClientController
from wsgiref.simple_server import make_server
extra_environ = {}
if args.client:
# Ensure the existance of the client.
session = create_session(settings, args.debug)
controller = ClientController(session)
controller.get_client(args.client)
session.close()
print("Running in single-client mode for client: '%s'" % args.client)
extra_environ['REMOTE_USER'] = args.client
application = create_application(settings)
else:
application = client_from_pathinfo(create_application(settings))
httpd = make_server(args.interface, args.port, application)
httpd.base_environ.update(extra_environ)
print("Starting server on http://%s:%d..." % (args.interface, args.port))
httpd.serve_forever()
class RestApiTest(unittest.TestCase):
def setUp(self):
os.environ['U2FVAL_SETTINGS'] = '/dev/null'
from u2fval.config import settings
settings['allow_untrusted'] = True
engine = create_engine(settings['db'])
Base.metadata.create_all(engine)
Session = sessionmaker(bind=engine)
session = Session()
self.client_controller = ClientController(session)
self.client_controller.create_client('fooclient',
'https://example.com',
['https://example.com'])
self.app = TestApp(create_application(settings, session))
def test_call_without_client(self):
err = self.app.get('/', status=400)
assert err.json['errorCode'] == exc.BadInputException.code
def test_call_with_invalid_client(self):
err = self.app.get('/', status=400,
extra_environ={'REMOTE_USER': '******'})
assert err.json['errorCode'] == exc.BadInputException.code
def test_get_trusted_facets(self):
resp = self.app.get('/', extra_environ={'REMOTE_USER': '******'})
assert 'https://example.com' in resp.json['trustedFacets'][0]['ids']
def test_list_empty_devices(self):
resp = self.app.get('/foouser',
extra_environ={'REMOTE_USER': '******'})
assert resp.json == []
def test_begin_auth_without_devices(self):
err = self.app.get('/foouser/authenticate', status=400,
extra_environ={'REMOTE_USER': '******'})
assert err.json['errorCode'] == exc.NoEligibleDevicesException.code
def test_register(self):
device = SoftU2FDevice()
self.do_register(device, {'foo': 'bar'})
def test_authenticate(self):
device = SoftU2FDevice()
self.do_register(device, {'foo': 'bar', 'baz': 'one'})
descriptor = self.do_authenticate(device, {'baz': 'two'})
assert descriptor['properties'] == {
'foo': 'bar',
'baz': 'two'
}
def test_get_properties(self):
device = SoftU2FDevice()
descriptor = self.do_register(device, {'foo': 'bar', 'baz': 'foo'})
descriptor2 = self.app.get('/foouser/' + descriptor['handle'],
extra_environ={'REMOTE_USER': '******'})
assert descriptor2.json['properties'] == {'foo': 'bar', 'baz': 'foo'}
def test_get_devices(self):
self.do_register(SoftU2FDevice())
self.do_register(SoftU2FDevice())
self.do_register(SoftU2FDevice())
resp = self.app.get('/foouser',
extra_environ={'REMOTE_USER': '******'})
descriptors = resp.json
assert len(descriptors) == 3
def test_delete_user(self):
self.do_register(SoftU2FDevice())
self.do_register(SoftU2FDevice())
self.do_register(SoftU2FDevice())
self.app.delete('/foouser',
extra_environ={'REMOTE_USER': '******'})
resp = self.app.get('/foouser',
extra_environ={'REMOTE_USER': '******'})
assert resp.json == []
def test_delete_devices(self):
d1 = self.do_register(SoftU2FDevice())
d2 = self.do_register(SoftU2FDevice())
d3 = self.do_register(SoftU2FDevice())
self.app.delete('/foouser/' + d2['handle'],
extra_environ={'REMOTE_USER': '******'})
resp = self.app.get('/foouser',
extra_environ={'REMOTE_USER': '******'})
assert len(resp.json) == 2
self.app.delete('/foouser/' + d1['handle'],
extra_environ={'REMOTE_USER': '******'})
resp = self.app.get('/foouser',
extra_environ={'REMOTE_USER': '******'})
assert resp.json == [d3]
self.app.delete('/foouser/' + d3['handle'],
extra_environ={'REMOTE_USER': '******'})
resp = self.app.get('/foouser',
extra_environ={'REMOTE_USER': '******'})
assert resp.json == []
def do_register(self, device, properties=None):
reg_req = self.app.get('/foouser/register',
extra_environ={'REMOTE_USER': '******'})
assert len(reg_req.json['authenticateRequests']) == \
len(reg_req.json['authenticateDescriptors'])
reg_resp = device.register(reg_req.json['registerRequests'][0],
'https://example.com')
if properties is None:
properties = {}
descriptor = self.app.post_json('/foouser/register', {
'registerResponse': reg_resp.json,
'properties': properties
}, extra_environ={'REMOTE_USER': '******'})
assert descriptor.json['properties'] == properties
return descriptor.json
def do_authenticate(self, device, properties=None):
aut_req = self.app.get('/foouser/authenticate',
extra_environ={'REMOTE_USER': '******'})
aut_resp = device.getAssertion(aut_req.json['authenticateRequests'][0],
'https://example.com')
if properties is None:
properties = {}
return self.app.post_json('/foouser/authenticate', {
'authenticateResponse': aut_resp.json,
'properties': properties
}, extra_environ={'REMOTE_USER': '******'}).json
